Zero-Day Exploit in Ivanti VPN Allows Hackers Network Access

Popular：

Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Zero-Day Exploit in Ivanti VPN Allows Hackers Network Access

2025-01-09

A critical zero-day vulnerability (CVE-2025-0282) in Ivanti's widely used enterprise VPN appliance has been exploited by hackers to compromise corporate networks. The vulnerability affects Connect Secure, Policy Secure, and ZTA Gateways products, with Connect Secure being the most widely adopted SSL VPN. Mandiant and Microsoft researchers observed exploitation as early as mid-December 2024. The attack shows hallmarks of an advanced persistent threat (APT), and suspicions point towards a China-linked cyberespionage group. Ivanti has released a patch for Connect Secure, with patches for others coming January 21st.

(techcrunch.com)

Tech zero-day exploit

WorstFit: Exploiting Hidden Transformers in Windows ANSI

Century-Old Math Problem Solved: Proving the Irrationality of ζ(3)